Commit | Line | Data |
---|---|---|
6a488035 TO |
1 | <?php |
2 | /* | |
3 | +--------------------------------------------------------------------+ | |
fee14197 | 4 | | CiviCRM version 5 | |
6a488035 | 5 | +--------------------------------------------------------------------+ |
6b83d5bd | 6 | | Copyright CiviCRM LLC (c) 2004-2019 | |
6a488035 TO |
7 | +--------------------------------------------------------------------+ |
8 | | This file is a part of CiviCRM. | | |
9 | | | | |
10 | | CiviCRM is free software; you can copy, modify, and distribute it | | |
11 | | under the terms of the GNU Affero General Public License | | |
12 | | Version 3, 19 November 2007 and the CiviCRM Licensing Exception. | | |
13 | | | | |
14 | | CiviCRM is distributed in the hope that it will be useful, but | | |
15 | | WITHOUT ANY WARRANTY; without even the implied warranty of | | |
16 | | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. | | |
17 | | See the GNU Affero General Public License for more details. | | |
18 | | | | |
19 | | You should have received a copy of the GNU Affero General Public | | |
20 | | License and the CiviCRM Licensing Exception along | | |
21 | | with this program; if not, contact CiviCRM LLC | | |
22 | | at info[AT]civicrm[DOT]org. If you have questions about the | | |
23 | | GNU Affero General Public License or the licensing of CiviCRM, | | |
24 | | see the CiviCRM license FAQ at http://civicrm.org/licensing | | |
25 | +--------------------------------------------------------------------+ | |
d25dd0ee | 26 | */ |
6a488035 TO |
27 | |
28 | /** | |
29 | * | |
30 | * @package CRM | |
6b83d5bd | 31 | * @copyright CiviCRM LLC (c) 2004-2019 |
6a488035 TO |
32 | */ |
33 | ||
34 | require_once 'HTML/QuickForm/Rule/Email.php'; | |
f942c321 | 35 | |
5bc392e6 EM |
36 | /** |
37 | * Class CRM_Utils_Rule | |
38 | */ | |
6a488035 TO |
39 | class CRM_Utils_Rule { |
40 | ||
5bc392e6 EM |
41 | /** |
42 | * @param $str | |
43 | * @param int $maxLength | |
44 | * | |
45 | * @return bool | |
46 | */ | |
00be9182 | 47 | public static function title($str, $maxLength = 127) { |
6a488035 TO |
48 | |
49 | // check length etc | |
50 | if (empty($str) || strlen($str) > $maxLength) { | |
51 | return FALSE; | |
52 | } | |
53 | ||
54 | // Make sure it include valid characters, alpha numeric and underscores | |
55 | if (!preg_match('/^\w[\w\s\'\&\,\$\#\-\.\"\?\!]+$/i', $str)) { | |
56 | return FALSE; | |
57 | } | |
58 | ||
59 | return TRUE; | |
60 | } | |
61 | ||
5bc392e6 EM |
62 | /** |
63 | * @param $str | |
64 | * | |
65 | * @return bool | |
66 | */ | |
00be9182 | 67 | public static function longTitle($str) { |
6a488035 TO |
68 | return self::title($str, 255); |
69 | } | |
70 | ||
5bc392e6 EM |
71 | /** |
72 | * @param $str | |
73 | * | |
74 | * @return bool | |
75 | */ | |
00be9182 | 76 | public static function variable($str) { |
6a488035 TO |
77 | // check length etc |
78 | if (empty($str) || strlen($str) > 31) { | |
79 | return FALSE; | |
80 | } | |
81 | ||
50bfb460 | 82 | // make sure it includes valid characters, alpha numeric and underscores |
6a488035 TO |
83 | if (!preg_match('/^[\w]+$/i', $str)) { |
84 | return FALSE; | |
85 | } | |
86 | ||
87 | return TRUE; | |
88 | } | |
89 | ||
00f11506 | 90 | /** |
a33b83c5 | 91 | * Validate that a string is a valid MySQL column name or alias. |
b794b580 | 92 | * |
00f11506 MM |
93 | * @param $str |
94 | * | |
95 | * @return bool | |
96 | */ | |
a33b83c5 | 97 | public static function mysqlColumnNameOrAlias($str) { |
10ed14b0 MM |
98 | // Check not empty. |
99 | if (empty($str)) { | |
00f11506 MM |
100 | return FALSE; |
101 | } | |
102 | ||
7cec4a9a CB |
103 | // Ensure $str conforms to expected format. Not a complete expression of |
104 | // what MySQL permits; this should permit the formats CiviCRM generates. | |
105 | // | |
106 | // * Table name prefix is optional. | |
107 | // * Table & column names & aliases: | |
108 | // * Composed of alphanumeric chars, underscore and hyphens. | |
109 | // * Maximum length of 64 chars. | |
110 | // * Optionally surrounded by backticks, in which case spaces also OK. | |
38c9ed00 | 111 | if (!preg_match('/^((`[-\w ]{1,64}`|[-\w]{1,64})\.)?(`[-\w ]{1,64}`|[-\w]{1,64})$/i', $str)) { |
00f11506 MM |
112 | return FALSE; |
113 | } | |
114 | ||
115 | return TRUE; | |
116 | } | |
117 | ||
118 | /** | |
b794b580 CB |
119 | * Validate that a string is ASC or DESC. |
120 | * | |
121 | * Empty string should be treated as invalid and ignored => default = ASC. | |
00f11506 | 122 | * |
b794b580 | 123 | * @param $str |
00f11506 MM |
124 | * @return bool |
125 | */ | |
b794b580 | 126 | public static function mysqlOrderByDirection($str) { |
00f11506 MM |
127 | if (!preg_match('/^(asc|desc)$/i', $str)) { |
128 | return FALSE; | |
129 | } | |
130 | ||
131 | return TRUE; | |
132 | } | |
133 | ||
0fa4baf0 MM |
134 | /** |
135 | * Validate that a string is valid order by clause. | |
136 | * | |
137 | * @param $str | |
138 | * @return bool | |
139 | */ | |
140 | public static function mysqlOrderBy($str) { | |
be2fb01f | 141 | $matches = []; |
9d5c7f14 | 142 | // Using the field function in order by is valid. |
143 | // Look for a string like field(contribution_status_id,3,4,6). | |
144 | // or field(civicrm_contribution.contribution_status_id,3,4,6) | |
145 | if (preg_match('/field\([a-z_.]+,[0-9,]+\)/', $str, $matches)) { | |
146 | // We have checked these. Remove them as they will fail the next lot. | |
147 | // Our check currently only permits numbers & no back ticks. If we get a | |
148 | // need for strings or backticks we can add. | |
149 | $str = str_replace($matches, '', $str); | |
150 | } | |
151 | $str = trim($str); | |
152 | if (!empty($matches) && empty($str)) { | |
153 | // nothing left to check after the field check. | |
154 | return TRUE; | |
155 | } | |
0fa4baf0 MM |
156 | // Making a regex for a comma separated list is quite hard and not readable |
157 | // at all, so we split and loop over. | |
158 | $parts = explode(',', $str); | |
159 | foreach ($parts as $part) { | |
a99e69c2 | 160 | if (!preg_match('/^((`[\w-]{1,64}`|[\w-]{1,64})\.)*(`[\w-]{1,64}`|[\w-]{1,64})( (asc|desc))?$/i', trim($part))) { |
0fa4baf0 MM |
161 | return FALSE; |
162 | } | |
163 | } | |
164 | ||
165 | return TRUE; | |
166 | } | |
167 | ||
5bc392e6 EM |
168 | /** |
169 | * @param $str | |
170 | * | |
171 | * @return bool | |
172 | */ | |
00be9182 | 173 | public static function qfVariable($str) { |
6a488035 TO |
174 | // check length etc |
175 | //if ( empty( $str ) || strlen( $str ) > 31 ) { | |
176 | if (strlen(trim($str)) == 0 || strlen($str) > 31) { | |
177 | return FALSE; | |
178 | } | |
179 | ||
50bfb460 | 180 | // make sure it includes valid characters, alpha numeric and underscores |
6a488035 TO |
181 | // added (. and ,) option (CRM-1336) |
182 | if (!preg_match('/^[\w\s\.\,]+$/i', $str)) { | |
183 | return FALSE; | |
184 | } | |
185 | ||
186 | return TRUE; | |
187 | } | |
188 | ||
5bc392e6 EM |
189 | /** |
190 | * @param $phone | |
191 | * | |
192 | * @return bool | |
193 | */ | |
00be9182 | 194 | public static function phone($phone) { |
6a488035 TO |
195 | // check length etc |
196 | if (empty($phone) || strlen($phone) > 16) { | |
197 | return FALSE; | |
198 | } | |
199 | ||
50bfb460 | 200 | // make sure it includes valid characters, (, \s and numeric |
6a488035 TO |
201 | if (preg_match('/^[\d\(\)\-\.\s]+$/', $phone)) { |
202 | return TRUE; | |
203 | } | |
204 | return FALSE; | |
205 | } | |
206 | ||
5bc392e6 EM |
207 | /** |
208 | * @param $query | |
209 | * | |
210 | * @return bool | |
211 | */ | |
00be9182 | 212 | public static function query($query) { |
6a488035 TO |
213 | // check length etc |
214 | if (empty($query) || strlen($query) < 3 || strlen($query) > 127) { | |
215 | return FALSE; | |
216 | } | |
217 | ||
50bfb460 | 218 | // make sure it includes valid characters, alpha numeric and underscores |
6a488035 TO |
219 | if (!preg_match('/^[\w\s\%\'\&\,\$\#]+$/i', $query)) { |
220 | return FALSE; | |
221 | } | |
222 | ||
223 | return TRUE; | |
224 | } | |
225 | ||
5bc392e6 EM |
226 | /** |
227 | * @param $url | |
228 | * | |
229 | * @return bool | |
230 | */ | |
00be9182 | 231 | public static function url($url) { |
c7cd4e2c | 232 | if (!$url) { |
233 | // If this is required then that should be checked elsewhere - here we are not assuming it is required. | |
234 | return TRUE; | |
235 | } | |
1136a401 | 236 | if (preg_match('/^\//', $url)) { |
237 | // allow relative URL's (CRM-15598) | |
238 | $url = 'http://' . $_SERVER['HTTP_HOST'] . $url; | |
239 | } | |
6a488035 TO |
240 | return (bool) filter_var($url, FILTER_VALIDATE_URL); |
241 | } | |
242 | ||
d9d7e7dd TO |
243 | /** |
244 | * @param $url | |
245 | * | |
246 | * @return bool | |
247 | */ | |
248 | public static function urlish($url) { | |
249 | if (empty($url)) { | |
250 | return TRUE; | |
251 | } | |
e3d28c74 | 252 | $url = Civi::paths()->getUrl($url, 'absolute'); |
d9d7e7dd TO |
253 | return (bool) filter_var($url, FILTER_VALIDATE_URL); |
254 | } | |
255 | ||
5bc392e6 EM |
256 | /** |
257 | * @param $string | |
258 | * | |
259 | * @return bool | |
260 | */ | |
00be9182 | 261 | public static function wikiURL($string) { |
6a488035 TO |
262 | $items = explode(' ', trim($string), 2); |
263 | return self::url($items[0]); | |
264 | } | |
265 | ||
5bc392e6 EM |
266 | /** |
267 | * @param $domain | |
268 | * | |
269 | * @return bool | |
270 | */ | |
00be9182 | 271 | public static function domain($domain) { |
6a488035 TO |
272 | // not perfect, but better than the previous one; see CRM-1502 |
273 | if (!preg_match('/^[A-Za-z0-9]([A-Za-z0-9\.\-]*[A-Za-z0-9])?$/', $domain)) { | |
274 | return FALSE; | |
275 | } | |
276 | return TRUE; | |
277 | } | |
278 | ||
5bc392e6 EM |
279 | /** |
280 | * @param $value | |
281 | * @param null $default | |
282 | * | |
283 | * @return null | |
284 | */ | |
00be9182 | 285 | public static function date($value, $default = NULL) { |
6a488035 TO |
286 | if (is_string($value) && |
287 | preg_match('/^\d\d\d\d-?\d\d-?\d\d$/', $value) | |
288 | ) { | |
289 | return $value; | |
290 | } | |
291 | return $default; | |
292 | } | |
293 | ||
5bc392e6 EM |
294 | /** |
295 | * @param $value | |
296 | * @param null $default | |
297 | * | |
298 | * @return null|string | |
299 | */ | |
00be9182 | 300 | public static function dateTime($value, $default = NULL) { |
6a488035 TO |
301 | $result = $default; |
302 | if (is_string($value) && | |
303 | preg_match('/^\d\d\d\d-?\d\d-?\d\d(\s\d\d:\d\d(:\d\d)?|\d\d\d\d(\d\d)?)?$/', $value) | |
304 | ) { | |
305 | $result = $value; | |
306 | } | |
307 | ||
308 | return $result; | |
309 | } | |
310 | ||
311 | /** | |
100fef9d | 312 | * Check the validity of the date (in qf format) |
6a488035 TO |
313 | * note that only a year is valid, or a mon-year is |
314 | * also valid in addition to day-mon-year. The date | |
315 | * specified has to be beyond today. (i.e today or later) | |
316 | * | |
317 | * @param array $date | |
77855840 TO |
318 | * @param bool $monthRequired |
319 | * Check whether month is mandatory. | |
6a488035 | 320 | * |
a6c01b45 CW |
321 | * @return bool |
322 | * true if valid date | |
6a488035 | 323 | */ |
00be9182 | 324 | public static function currentDate($date, $monthRequired = TRUE) { |
6a488035 TO |
325 | $config = CRM_Core_Config::singleton(); |
326 | ||
327 | $d = CRM_Utils_Array::value('d', $date); | |
328 | $m = CRM_Utils_Array::value('M', $date); | |
329 | $y = CRM_Utils_Array::value('Y', $date); | |
330 | ||
331 | if (!$d && !$m && !$y) { | |
332 | return TRUE; | |
333 | } | |
334 | ||
335 | // CRM-9017 CiviContribute/CiviMember form with expiration date format 'm Y' | |
8cc574cf | 336 | if (!$m && !empty($date['m'])) { |
6a488035 TO |
337 | $m = CRM_Utils_Array::value('m', $date); |
338 | } | |
339 | ||
340 | $day = $mon = 1; | |
341 | $year = 0; | |
342 | if ($d) { | |
343 | $day = $d; | |
344 | } | |
345 | if ($m) { | |
346 | $mon = $m; | |
347 | } | |
348 | if ($y) { | |
349 | $year = $y; | |
350 | } | |
351 | ||
352 | // if we have day we need mon, and if we have mon we need year | |
353 | if (($d && !$m) || | |
354 | ($d && !$y) || | |
355 | ($m && !$y) | |
356 | ) { | |
357 | return FALSE; | |
358 | } | |
359 | ||
360 | $result = FALSE; | |
361 | if (!empty($day) || !empty($mon) || !empty($year)) { | |
362 | $result = checkdate($mon, $day, $year); | |
363 | } | |
364 | ||
365 | if (!$result) { | |
366 | return FALSE; | |
367 | } | |
368 | ||
369 | // ensure we have month if required | |
370 | if ($monthRequired && !$m) { | |
371 | return FALSE; | |
372 | } | |
373 | ||
374 | // now make sure this date is greater that today | |
375 | $currentDate = getdate(); | |
376 | if ($year > $currentDate['year']) { | |
377 | return TRUE; | |
378 | } | |
379 | elseif ($year < $currentDate['year']) { | |
380 | return FALSE; | |
381 | } | |
382 | ||
383 | if ($m) { | |
384 | if ($mon > $currentDate['mon']) { | |
385 | return TRUE; | |
386 | } | |
387 | elseif ($mon < $currentDate['mon']) { | |
388 | return FALSE; | |
389 | } | |
390 | } | |
391 | ||
392 | if ($d) { | |
393 | if ($day > $currentDate['mday']) { | |
394 | return TRUE; | |
395 | } | |
396 | elseif ($day < $currentDate['mday']) { | |
397 | return FALSE; | |
398 | } | |
399 | } | |
400 | ||
401 | return TRUE; | |
402 | } | |
403 | ||
404 | /** | |
100fef9d | 405 | * Check the validity of a date or datetime (timestamp) |
6a488035 TO |
406 | * value which is in YYYYMMDD or YYYYMMDDHHMMSS format |
407 | * | |
408 | * Uses PHP checkdate() - params are ( int $month, int $day, int $year ) | |
409 | * | |
410 | * @param string $date | |
411 | * | |
a6c01b45 CW |
412 | * @return bool |
413 | * true if valid date | |
6a488035 | 414 | */ |
00be9182 | 415 | public static function mysqlDate($date) { |
6a488035 TO |
416 | // allow date to be null |
417 | if ($date == NULL) { | |
418 | return TRUE; | |
419 | } | |
420 | ||
421 | if (checkdate(substr($date, 4, 2), substr($date, 6, 2), substr($date, 0, 4))) { | |
422 | return TRUE; | |
423 | } | |
424 | ||
425 | return FALSE; | |
426 | } | |
427 | ||
5bc392e6 EM |
428 | /** |
429 | * @param $value | |
430 | * | |
431 | * @return bool | |
432 | */ | |
00be9182 | 433 | public static function integer($value) { |
6a488035 TO |
434 | if (is_int($value)) { |
435 | return TRUE; | |
436 | } | |
437 | ||
f942c321 DL |
438 | // CRM-13460 |
439 | // ensure number passed is always a string numeral | |
440 | if (!is_numeric($value)) { | |
441 | return FALSE; | |
442 | } | |
443 | ||
444 | // note that is_int matches only integer type | |
445 | // and not strings which are only integers | |
446 | // hence we do this here | |
447 | if (preg_match('/^\d+$/', $value)) { | |
448 | return TRUE; | |
449 | } | |
450 | ||
451 | if ($value < 0) { | |
6a488035 TO |
452 | $negValue = -1 * $value; |
453 | if (is_int($negValue)) { | |
454 | return TRUE; | |
455 | } | |
456 | } | |
457 | ||
6a488035 TO |
458 | return FALSE; |
459 | } | |
460 | ||
5bc392e6 EM |
461 | /** |
462 | * @param $value | |
463 | * | |
464 | * @return bool | |
465 | */ | |
00be9182 | 466 | public static function positiveInteger($value) { |
6a488035 TO |
467 | if (is_int($value)) { |
468 | return ($value < 0) ? FALSE : TRUE; | |
469 | } | |
470 | ||
f942c321 DL |
471 | // CRM-13460 |
472 | // ensure number passed is always a string numeral | |
473 | if (!is_numeric($value)) { | |
474 | return FALSE; | |
475 | } | |
476 | ||
477 | if (preg_match('/^\d+$/', $value)) { | |
6a488035 TO |
478 | return TRUE; |
479 | } | |
480 | ||
481 | return FALSE; | |
482 | } | |
483 | ||
fe61faf3 CW |
484 | /** |
485 | * @param $value | |
486 | * | |
487 | * @return bool | |
488 | */ | |
489 | public static function commaSeparatedIntegers($value) { | |
490 | foreach (explode(',', $value) as $val) { | |
62d7cac4 SL |
491 | // Remove any Whitespace around the key. |
492 | $val = trim($val); | |
fe61faf3 CW |
493 | if (!self::positiveInteger($val)) { |
494 | return FALSE; | |
495 | } | |
496 | } | |
497 | return TRUE; | |
498 | } | |
499 | ||
5bc392e6 EM |
500 | /** |
501 | * @param $value | |
502 | * | |
503 | * @return bool | |
504 | */ | |
00be9182 | 505 | public static function numeric($value) { |
f942c321 DL |
506 | // lets use a php gatekeeper to ensure this is numeric |
507 | if (!is_numeric($value)) { | |
508 | return FALSE; | |
509 | } | |
510 | ||
6a488035 TO |
511 | return preg_match('/(^-?\d\d*\.\d*$)|(^-?\d\d*$)|(^-?\.\d\d*$)/', $value) ? TRUE : FALSE; |
512 | } | |
513 | ||
d22982f3 SM |
514 | /** |
515 | * Test whether $value is alphanumeric. | |
516 | * | |
517 | * Underscores and dashes are also allowed! | |
518 | * | |
519 | * This is the type of string you could expect to see in URL parameters | |
520 | * like `?mode=live` vs `?mode=test`. This function exists so that we can be | |
521 | * strict about what we accept for such values, thus mitigating against | |
522 | * potential security issues. | |
523 | * | |
524 | * @see \CRM_Utils_RuleTest::alphanumericData | |
525 | * for examples of vales that give TRUE/FALSE here | |
526 | * | |
527 | * @param $value | |
528 | * | |
529 | * @return bool | |
530 | */ | |
531 | public static function alphanumeric($value) { | |
532 | return preg_match('/^[a-zA-Z0-9_-]*$/', $value) ? TRUE : FALSE; | |
533 | } | |
534 | ||
5bc392e6 EM |
535 | /** |
536 | * @param $value | |
537 | * @param $noOfDigit | |
538 | * | |
539 | * @return bool | |
540 | */ | |
00be9182 | 541 | public static function numberOfDigit($value, $noOfDigit) { |
6a488035 TO |
542 | return preg_match('/^\d{' . $noOfDigit . '}$/', $value) ? TRUE : FALSE; |
543 | } | |
544 | ||
8a52ae34 CW |
545 | /** |
546 | * Strict validation of 6-digit hex color notation per html5 <input type="color"> | |
547 | * | |
548 | * @param $value | |
549 | * @return bool | |
550 | */ | |
551 | public static function color($value) { | |
552 | return (bool) preg_match('/^#([\da-fA-F]{6})$/', $value); | |
553 | } | |
554 | ||
5bc392e6 | 555 | /** |
83644f47 | 556 | * Strip thousand separator from a money string. |
557 | * | |
558 | * Note that this should be done at the form layer. Once we are processing | |
559 | * money at the BAO or processor layer we should be working with something that | |
560 | * is already in a normalised format. | |
561 | * | |
562 | * @param string $value | |
5bc392e6 | 563 | * |
83644f47 | 564 | * @return string |
5bc392e6 | 565 | */ |
00be9182 | 566 | public static function cleanMoney($value) { |
6a488035 | 567 | // first remove all white space |
be2fb01f | 568 | $value = str_replace([' ', "\t", "\n"], '', $value); |
6a488035 TO |
569 | |
570 | $config = CRM_Core_Config::singleton(); | |
571 | ||
e7292422 | 572 | //CRM-14868 |
ef88f444 | 573 | $currencySymbols = CRM_Core_PseudoConstant::get( |
353ffa53 | 574 | 'CRM_Contribute_DAO_Contribution', |
be2fb01f | 575 | 'currency', [ |
353ffa53 TO |
576 | 'keyColumn' => 'name', |
577 | 'labelColumn' => 'symbol', | |
be2fb01f | 578 | ] |
e70a7fc0 | 579 | ); |
e7292422 | 580 | $value = str_replace($currencySymbols, '', $value); |
ef88f444 | 581 | |
6a488035 TO |
582 | if ($config->monetaryThousandSeparator) { |
583 | $mon_thousands_sep = $config->monetaryThousandSeparator; | |
584 | } | |
585 | else { | |
586 | $mon_thousands_sep = ','; | |
587 | } | |
588 | ||
589 | // ugly fix for CRM-6391: do not drop the thousand separator if | |
590 | // it looks like it’s separating decimal part (because a given | |
591 | // value undergoes a second cleanMoney() call, for example) | |
b81f42da | 592 | // CRM-15835 - in case the amount/value contains 0 after decimal |
593 | // eg 150.5 the following if condition will pass | |
594 | if ($mon_thousands_sep != '.' or (substr($value, -3, 1) != '.' && substr($value, -2, 1) != '.')) { | |
6a488035 TO |
595 | $value = str_replace($mon_thousands_sep, '', $value); |
596 | } | |
597 | ||
598 | if ($config->monetaryDecimalPoint) { | |
599 | $mon_decimal_point = $config->monetaryDecimalPoint; | |
600 | } | |
601 | else { | |
602 | $mon_decimal_point = '.'; | |
603 | } | |
604 | $value = str_replace($mon_decimal_point, '.', $value); | |
605 | ||
606 | return $value; | |
607 | } | |
608 | ||
5bc392e6 EM |
609 | /** |
610 | * @param $value | |
611 | * | |
612 | * @return bool | |
613 | */ | |
00be9182 | 614 | public static function money($value) { |
6a488035 TO |
615 | $config = CRM_Core_Config::singleton(); |
616 | ||
50bfb460 SB |
617 | // only edge case when we have a decimal point in the input money |
618 | // field and not defined in the decimal Point in config settings | |
6a488035 TO |
619 | if ($config->monetaryDecimalPoint && |
620 | $config->monetaryDecimalPoint != '.' && | |
50bfb460 | 621 | // CRM-7122 also check for Thousands Separator in config settings |
6a488035 TO |
622 | $config->monetaryThousandSeparator != '.' && |
623 | substr_count($value, '.') | |
624 | ) { | |
625 | return FALSE; | |
626 | } | |
627 | ||
628 | $value = self::cleanMoney($value); | |
629 | ||
630 | if (self::integer($value)) { | |
631 | return TRUE; | |
632 | } | |
633 | ||
ce18e8d1 MW |
634 | // Allow values such as -0, 1.024555, -.1 |
635 | // We need to support multiple decimal places here, not just the number allowed by locale | |
636 | // otherwise tax calculations break when you want the inclusive amount to be a round number (eg. £10 inc. VAT requires 8.333333333 here). | |
637 | return preg_match('/(^-?\d+\.?\d*$)|(^-?\.\d+$)/', $value) ? TRUE : FALSE; | |
6a488035 TO |
638 | } |
639 | ||
5bc392e6 EM |
640 | /** |
641 | * @param $value | |
642 | * @param int $maxLength | |
643 | * | |
644 | * @return bool | |
645 | */ | |
00be9182 | 646 | public static function string($value, $maxLength = 0) { |
6a488035 TO |
647 | if (is_string($value) && |
648 | ($maxLength === 0 || strlen($value) <= $maxLength) | |
649 | ) { | |
650 | return TRUE; | |
651 | } | |
652 | return FALSE; | |
653 | } | |
654 | ||
5bc392e6 EM |
655 | /** |
656 | * @param $value | |
657 | * | |
658 | * @return bool | |
659 | */ | |
00be9182 | 660 | public static function boolean($value) { |
6a488035 TO |
661 | return preg_match( |
662 | '/(^(1|0)$)|(^(Y(es)?|N(o)?)$)|(^(T(rue)?|F(alse)?)$)/i', $value | |
663 | ) ? TRUE : FALSE; | |
664 | } | |
665 | ||
5bc392e6 EM |
666 | /** |
667 | * @param $value | |
668 | * | |
669 | * @return bool | |
670 | */ | |
00be9182 | 671 | public static function email($value) { |
6a488035 TO |
672 | return (bool) filter_var($value, FILTER_VALIDATE_EMAIL); |
673 | } | |
674 | ||
5bc392e6 EM |
675 | /** |
676 | * @param $list | |
677 | * | |
678 | * @return bool | |
679 | */ | |
00be9182 | 680 | public static function emailList($list) { |
6a488035 TO |
681 | $emails = explode(',', $list); |
682 | foreach ($emails as $email) { | |
683 | $email = trim($email); | |
684 | if (!self::email($email)) { | |
685 | return FALSE; | |
686 | } | |
687 | } | |
688 | return TRUE; | |
689 | } | |
690 | ||
5bc392e6 | 691 | /** |
4f1f1f2a CW |
692 | * allow between 4-6 digits as postal code since india needs 6 and US needs 5 (or |
693 | * if u disregard the first 0, 4 (thanx excel!) | |
694 | * FIXME: we need to figure out how to localize such rules | |
5bc392e6 EM |
695 | * @param $value |
696 | * | |
697 | * @return bool | |
698 | */ | |
00be9182 | 699 | public static function postalCode($value) { |
6a488035 TO |
700 | if (preg_match('/^\d{4,6}(-\d{4})?$/', $value)) { |
701 | return TRUE; | |
702 | } | |
703 | return FALSE; | |
704 | } | |
705 | ||
706 | /** | |
100fef9d | 707 | * See how file rules are written in HTML/QuickForm/file.php |
6a488035 TO |
708 | * Checks to make sure the uploaded file is ascii |
709 | * | |
ea3ddccf | 710 | * @param string $elementValue |
711 | * | |
a6c01b45 | 712 | * @return bool |
ea3ddccf | 713 | * True if file has been uploaded, false otherwise |
6a488035 | 714 | */ |
00be9182 | 715 | public static function asciiFile($elementValue) { |
6a488035 TO |
716 | if ((isset($elementValue['error']) && $elementValue['error'] == 0) || |
717 | (!empty($elementValue['tmp_name']) && $elementValue['tmp_name'] != 'none') | |
718 | ) { | |
719 | return CRM_Utils_File::isAscii($elementValue['tmp_name']); | |
720 | } | |
721 | return FALSE; | |
722 | } | |
723 | ||
724 | /** | |
725 | * Checks to make sure the uploaded file is in UTF-8, recodes if it's not | |
726 | * | |
ea3ddccf | 727 | * @param array $elementValue |
728 | * | |
a6c01b45 | 729 | * @return bool |
ea3ddccf | 730 | * Whether file has been uploaded properly and is now in UTF-8. |
6a488035 | 731 | */ |
00be9182 | 732 | public static function utf8File($elementValue) { |
6a488035 TO |
733 | $success = FALSE; |
734 | ||
735 | if ((isset($elementValue['error']) && $elementValue['error'] == 0) || | |
736 | (!empty($elementValue['tmp_name']) && $elementValue['tmp_name'] != 'none') | |
737 | ) { | |
738 | ||
739 | $success = CRM_Utils_File::isAscii($elementValue['tmp_name']); | |
740 | ||
741 | // if it's a file, but not UTF-8, let's try and recode it | |
742 | // and then make sure it's an UTF-8 file in the end | |
743 | if (!$success) { | |
744 | $success = CRM_Utils_File::toUtf8($elementValue['tmp_name']); | |
745 | if ($success) { | |
746 | $success = CRM_Utils_File::isAscii($elementValue['tmp_name']); | |
747 | } | |
748 | } | |
749 | } | |
750 | return $success; | |
751 | } | |
752 | ||
753 | /** | |
100fef9d | 754 | * See how file rules are written in HTML/QuickForm/file.php |
6a488035 TO |
755 | * Checks to make sure the uploaded file is html |
756 | * | |
ea3ddccf | 757 | * @param array $elementValue |
758 | * | |
a6c01b45 | 759 | * @return bool |
ea3ddccf | 760 | * True if file has been uploaded, false otherwise |
6a488035 | 761 | */ |
00be9182 | 762 | public static function htmlFile($elementValue) { |
6a488035 TO |
763 | if ((isset($elementValue['error']) && $elementValue['error'] == 0) || |
764 | (!empty($elementValue['tmp_name']) && $elementValue['tmp_name'] != 'none') | |
765 | ) { | |
766 | return CRM_Utils_File::isHtmlFile($elementValue['tmp_name']); | |
767 | } | |
768 | return FALSE; | |
769 | } | |
770 | ||
771 | /** | |
fe482240 | 772 | * Check if there is a record with the same name in the db. |
6a488035 | 773 | * |
77855840 TO |
774 | * @param string $value |
775 | * The value of the field we are checking. | |
776 | * @param array $options | |
35b63106 | 777 | * The daoName, fieldName (optional) and DomainID (optional). |
6a488035 | 778 | * |
408b79bf | 779 | * @return bool |
a6c01b45 | 780 | * true if object exists |
6a488035 | 781 | */ |
00be9182 | 782 | public static function objectExists($value, $options) { |
6a488035 TO |
783 | $name = 'name'; |
784 | if (isset($options[2])) { | |
785 | $name = $options[2]; | |
786 | } | |
787 | ||
35b63106 | 788 | return CRM_Core_DAO::objectExists($value, CRM_Utils_Array::value(0, $options), CRM_Utils_Array::value(1, $options), CRM_Utils_Array::value(2, $options, $name), CRM_Utils_Array::value(3, $options)); |
6a488035 TO |
789 | } |
790 | ||
5bc392e6 EM |
791 | /** |
792 | * @param $value | |
793 | * @param $options | |
794 | * | |
795 | * @return bool | |
796 | */ | |
00be9182 | 797 | public static function optionExists($value, $options) { |
e6101f17 | 798 | return CRM_Core_OptionValue::optionExists($value, $options[0], $options[1], $options[2], CRM_Utils_Array::value(3, $options, 'name'), CRM_Utils_Array::value(4, $options, FALSE)); |
6a488035 TO |
799 | } |
800 | ||
5bc392e6 EM |
801 | /** |
802 | * @param $value | |
803 | * @param $type | |
804 | * | |
805 | * @return bool | |
806 | */ | |
00be9182 | 807 | public static function creditCardNumber($value, $type) { |
6a488035 TO |
808 | return Validate_Finance_CreditCard::number($value, $type); |
809 | } | |
810 | ||
5bc392e6 EM |
811 | /** |
812 | * @param $value | |
813 | * @param $type | |
814 | * | |
815 | * @return bool | |
816 | */ | |
00be9182 | 817 | public static function cvv($value, $type) { |
6a488035 TO |
818 | return Validate_Finance_CreditCard::cvv($value, $type); |
819 | } | |
820 | ||
5bc392e6 EM |
821 | /** |
822 | * @param $value | |
823 | * | |
824 | * @return bool | |
825 | */ | |
00be9182 | 826 | public static function currencyCode($value) { |
6a488035 TO |
827 | static $currencyCodes = NULL; |
828 | if (!$currencyCodes) { | |
829 | $currencyCodes = CRM_Core_PseudoConstant::currencyCode(); | |
830 | } | |
831 | if (in_array($value, $currencyCodes)) { | |
832 | return TRUE; | |
833 | } | |
834 | return FALSE; | |
835 | } | |
836 | ||
5bc392e6 EM |
837 | /** |
838 | * @param $value | |
839 | * | |
840 | * @return bool | |
841 | */ | |
00be9182 | 842 | public static function xssString($value) { |
6a488035 TO |
843 | if (is_string($value)) { |
844 | return preg_match('!<(vb)?script[^>]*>.*</(vb)?script.*>!ims', | |
845 | $value | |
846 | ) ? FALSE : TRUE; | |
847 | } | |
848 | else { | |
849 | return TRUE; | |
850 | } | |
851 | } | |
852 | ||
88251439 | 853 | /** |
854 | * Validate json string for xss | |
855 | * | |
856 | * @param string $value | |
857 | * | |
858 | * @return bool | |
859 | * False if invalid, true if valid / safe. | |
860 | */ | |
861 | public static function json($value) { | |
862 | if (!self::xssString($value)) { | |
863 | return FALSE; | |
864 | } | |
865 | $array = json_decode($value, TRUE); | |
866 | if (!$array || !is_array($array)) { | |
867 | return FALSE; | |
868 | } | |
869 | return self::arrayValue($array); | |
870 | } | |
871 | ||
5bc392e6 EM |
872 | /** |
873 | * @param $path | |
874 | * | |
875 | * @return bool | |
876 | */ | |
00be9182 | 877 | public static function fileExists($path) { |
6a488035 TO |
878 | return file_exists($path); |
879 | } | |
880 | ||
d9d7e7dd TO |
881 | /** |
882 | * Determine whether the value contains a valid reference to a directory. | |
883 | * | |
884 | * Paths stored in the setting system may be absolute -- or may be | |
885 | * relative to the default data directory. | |
886 | * | |
887 | * @param string $path | |
888 | * @return bool | |
889 | */ | |
890 | public static function settingPath($path) { | |
e3d28c74 | 891 | return is_dir(Civi::paths()->getPath($path)); |
d9d7e7dd TO |
892 | } |
893 | ||
5bc392e6 EM |
894 | /** |
895 | * @param $value | |
896 | * @param null $actualElementValue | |
897 | * | |
898 | * @return bool | |
899 | */ | |
00be9182 | 900 | public static function validContact($value, $actualElementValue = NULL) { |
6a488035 TO |
901 | if ($actualElementValue) { |
902 | $value = $actualElementValue; | |
903 | } | |
904 | ||
258570f7 | 905 | return CRM_Utils_Rule::positiveInteger($value); |
6a488035 TO |
906 | } |
907 | ||
908 | /** | |
100fef9d | 909 | * Check the validity of the date (in qf format) |
6a488035 TO |
910 | * note that only a year is valid, or a mon-year is |
911 | * also valid in addition to day-mon-year | |
912 | * | |
913 | * @param array $date | |
914 | * | |
a6c01b45 CW |
915 | * @return bool |
916 | * true if valid date | |
6a488035 | 917 | */ |
00be9182 | 918 | public static function qfDate($date) { |
6a488035 TO |
919 | $config = CRM_Core_Config::singleton(); |
920 | ||
921 | $d = CRM_Utils_Array::value('d', $date); | |
922 | $m = CRM_Utils_Array::value('M', $date); | |
923 | $y = CRM_Utils_Array::value('Y', $date); | |
924 | if (isset($date['h']) || | |
925 | isset($date['g']) | |
926 | ) { | |
927 | $m = CRM_Utils_Array::value('M', $date); | |
928 | } | |
929 | ||
930 | if (!$d && !$m && !$y) { | |
931 | return TRUE; | |
932 | } | |
933 | ||
934 | $day = $mon = 1; | |
935 | $year = 0; | |
936 | if ($d) { | |
937 | $day = $d; | |
938 | } | |
939 | if ($m) { | |
940 | $mon = $m; | |
941 | } | |
942 | if ($y) { | |
943 | $year = $y; | |
944 | } | |
945 | ||
946 | // if we have day we need mon, and if we have mon we need year | |
947 | if (($d && !$m) || | |
948 | ($d && !$y) || | |
949 | ($m && !$y) | |
950 | ) { | |
951 | return FALSE; | |
952 | } | |
953 | ||
954 | if (!empty($day) || !empty($mon) || !empty($year)) { | |
955 | return checkdate($mon, $day, $year); | |
956 | } | |
957 | return FALSE; | |
958 | } | |
959 | ||
5bc392e6 EM |
960 | /** |
961 | * @param $key | |
962 | * | |
963 | * @return bool | |
964 | */ | |
00be9182 | 965 | public static function qfKey($key) { |
6a488035 TO |
966 | return ($key) ? CRM_Core_Key::valid($key) : FALSE; |
967 | } | |
96025800 | 968 | |
79326ee2 SB |
969 | /** |
970 | * Check if the values in the date range are in correct chronological order. | |
971 | * | |
972 | * @param array $fields | |
973 | * Fields of the form. | |
974 | * @param $fieldName | |
975 | * Name of date range field. | |
976 | * @param $errors | |
977 | * The error array. | |
978 | * @param $title | |
979 | * Title of the date range to be displayed in the error message. | |
980 | */ | |
981 | public static function validDateRange($fields, $fieldName, &$errors, $title) { | |
982 | $lowDate = strtotime($fields[$fieldName . '_low']); | |
983 | $highDate = strtotime($fields[$fieldName . '_high']); | |
984 | ||
985 | if ($lowDate > $highDate) { | |
be2fb01f | 986 | $errors[$fieldName . '_range_error'] = ts('%1: Please check that your date range is in correct chronological order.', [1 => $title]); |
79326ee2 SB |
987 | } |
988 | } | |
989 | ||
5df85a46 SL |
990 | /** |
991 | * @param string $key Extension Key to check | |
992 | * @return bool | |
993 | */ | |
9e1d9d01 | 994 | public static function checkExtensionKeyIsValid($key = NULL) { |
5df85a46 SL |
995 | if (!empty($key) && !preg_match('/^[0-9a-zA-Z._-]+$/', $key)) { |
996 | return FALSE; | |
997 | } | |
998 | return TRUE; | |
999 | } | |
1000 | ||
88251439 | 1001 | /** |
1002 | * Validate array recursively checking keys and values. | |
1003 | * | |
1004 | * @param array $array | |
1005 | * @return bool | |
1006 | */ | |
1007 | protected static function arrayValue($array) { | |
1008 | foreach ($array as $key => $item) { | |
1009 | if (is_array($item)) { | |
1010 | if (!self::xssString($key) || !self::arrayValue($item)) { | |
1011 | return FALSE; | |
1012 | } | |
1013 | } | |
1014 | if (!self::xssString($key) || !self::xssString($item)) { | |
1015 | return FALSE; | |
1016 | } | |
1017 | } | |
1018 | return TRUE; | |
1019 | } | |
1020 | ||
6a488035 | 1021 | } |